Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 FFC7D9AC-0D7E-

Exploit for Incorrect Authorization in Theforeman Smart_Proxy_Salt_FFC7D9AC-0D7E-5402-A0AD-BA8B6F3B9ACD

CVE-2021-3456 A practical chain that starts with an innocuous PDF file and ends up in a reverse shell on an AWS...

N/A N/A GITHUBEXPLOIT
HIGH 7.3 CVE-2025-7405

Information Disclosure, Information Tampering, and Denial of Service (DoS) Vulnerability in MELSEC iQ-F Series CPU module_CVE-2025-7405

Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthe...

Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-32MT/ES 1.060 and later CVE
HIGH 7.5 CVE-2025-7731

Information Disclosure Vulnerability in MELSEC iQ-F Series CPU module_CVE-2025-7731

Cleartext Transmission of Sensitive Information vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unau...

Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-32MT/ES All versions CVE
HIGH 8.8 DFC3A040-40F2-

Exploit for Authentication Bypass Using an Alternate Path or Channel in Ivanti Endpoint_Manager_Mobile_DFC3A040-40F2-55B4-BCAE-CADBBC6CA28C

CVE-2025-4428 & CVE-2025-4427 CVE-2025-4428...

N/A N/A GITHUBEXPLOIT
HIGH 8.8 BFFD0736-5CC1-

Exploit for CVE-2025-9478_BFFD0736-5CC1-5933-BEA2-9ACF36765150

STIG – Microsoft Edge (Chromium) < 139.0.3405.125 Remote Code...

N/A N/A GITHUBEXPLOIT
HIGH 8.7 CVE-2025-9748

Tenda CH22 httpd IPSECsave fromIpsecitem stack-based overflow_CVE-2025-9748

A vulnerability was determined in Tenda CH22 1.0.0.1. Affected by this issue is the function fromIpsecitem of the file /goform/IPSECsave of the com...

Tenda CH22 1.0.0.1 CVE
HIGH 8 HACKREAD:D0D681...

WhatsApp 0-Day Exploited in Attacks on Targeted iOS and macOS Users_HACKREAD:D0D681185A0FA8375B7D59078CD63CC3

WhatsApp has patched a critical 0-day (CVE-2025-55177) that allowed zero-click spyware attacks on iOS and Mac users. The…

N/A N/A HACKREAD
HIGH 8.8 6585F25A-D705-

Exploit for CVE-2025-8714_6585F25A-D705-53D3-ADAC-BC4390959601

CVE-2025-8714-POC PoC de RCE en PostgreSQL — CVE-2025-8714 PoC de...

N/A N/A GITHUBEXPLOIT
HIGH 8.1 CVE-2025-47696

WordPress Blog Designer PRO plugin <= 3.4.7 - Unauthenticated Non-Arbitrary Local File Inclusion vulnerability_CVE-2025-47696

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Solwin Blog Designer PRO.T...

Solwin Blog Designer PRO n/a CVE
HIGH 7.2 F83E404E-F469-

Exploit for Incorrect Privilege Assignment in Fortinet Fortios_F83E404E-F469-5007-8092-EA8A361CF1C0

CVE-2025-53744-Forti-RCE...

N/A N/A GITHUBEXPLOIT